﻿using KAKA.Domain;
using KAKA.Repository;
using Morus;
using System.Web;
using System.Web.Mvc;

namespace KAKA
{
    public class AuthorizationAttribute : System.Web.Mvc.AuthorizeAttribute, IAuthorizationFilter
    {
        public AuthorizationAttribute()
            : this(Role.User)
        {
            Order = 1;
        }

        public AuthorizationAttribute(Role role)
        {
            Role = role;
        }

        public Role Role { get; set; }

        protected override bool AuthorizeCore(HttpContextBase httpContext)
        {
            if (httpContext.Request.IsAuthenticated && httpContext.User.Identity.Name.IsNotEmpty())
            {
                var user = WebUtil.GetCurrentUser();

                if ((user.Role & Role) == Role)
                {
                    return true;
                }
                else
                {
                    return false;
                }
            }
            return false;
        }

    }
}